
File metasploit-info

Script types: portrule
Categories: intrusive, safe
Download: http://nmap.org/svn/scripts/metasploit-info.nse

User Summary

Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes a few commands to get additional info.

References:

* http://wiki.msgpack.org/display/MSGPACK/Format+specification
* https://community.rapid7.com/docs/DOC-1516 Metasploit RPC API Guide

Script Arguments

metasploit-info.password

Valid metasploit rpc password (required)

metasploit-info.command

Custom command to run on the server (optional)

metasploit-info.username

Valid metasploit rpc username (required)

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

Command format

nmap <target> --script=metasploit-info --script-args username=root,password=root

Script Output

55553/tcp open  metasploit-msgrpc syn-ack
| metasploit-info:
|   Metasploit version: 4.4.0-dev Ruby version: 1.9.3 i386-mingw32 2012-02-16 API version: 1.0
|   Additional info:
|   Host Name:                 WIN
|   OS Name:                   Microsoft Windows XP Professional
|   OS Version:                5.1.2600 Service Pack 3 Build 2600
|   OS Manufacturer:           Microsoft Corporation
|   OS Configuration:          Standalone Workstation
|   OS Build Type:             Uniprocessor Free
|  ..... lots of other info ....
|   Domain:                    WORKGROUP
|_  Logon Server:              \\BLABLA
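
Added example (not part of the original page or of the nmap project): a parser that turns the script output above into structured records for an exposure inventory. The function names parse_metasploit_info and summarize are hypothetical, and the embedded sample is this page's output, abridged.

```python
import re

# The "Script Output" sample from this page (abridged), as nmap prints it.
SAMPLE = r"""55553/tcp open  metasploit-msgrpc syn-ack
| metasploit-info:
|   Metasploit version: 4.4.0-dev Ruby version: 1.9.3 i386-mingw32 2012-02-16 API version: 1.0
|   Additional info:
|   Host Name:                 WIN
|   OS Name:                   Microsoft Windows XP Professional
|  ..... lots of other info ....
|   Domain:                    WORKGROUP
|_  Logon Server:              \\BLABLA
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
VERSION_RE = re.compile(r"Metasploit version: (?P<metasploit>\S+) "
                        r"Ruby version: (?P<ruby>.+?) "
                        r"API version: (?P<api>\S+)")

def parse_metasploit_info(text):
    """Return one dict per port line that is followed by a metasploit-info block."""
    findings, current, in_block = [], None, False
    for line in text.splitlines():
        port = PORT_RE.match(line)
        if port:
            current = {"port": int(port.group(1)), "proto": port.group(2),
                       "service": port.group(4), "versions": {}, "info": {}}
            in_block = False
        elif current is None or not line.startswith("|"):
            in_block = False
        elif line[2:3] != " ":            # script header, e.g. "| metasploit-info:"
            in_block = line[2:].strip() == "metasploit-info:"
            if in_block:
                findings.append(current)
        elif in_block:
            body = line[2:].strip()       # drop the "| " or "|_" tree prefix
            version = VERSION_RE.search(body)
            key, _, value = body.partition(":")
            if version:
                current["versions"] = version.groupdict()
            elif value.strip():           # skips "Additional info:" and filler lines
                current["info"][key.strip()] = value.strip()
    return findings

def summarize(finding):
    """One inventory line for a port where the RPC login succeeded."""
    return "%d/%s %s: Metasploit %s, API %s, host %s (%s)" % (
        finding["port"], finding["proto"], finding["service"],
        finding["versions"].get("metasploit", "?"), finding["versions"].get("api", "?"),
        finding["info"].get("Host Name", "?"), finding["info"].get("OS Name", "?"))
```

Because the script only produces this block after a successful login, every record returned marks an RPC endpoint that accepted the tested credentials and should be reviewed.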

Requires


Author: Aleksandar Nikolic

License: Compiled by VER007 http://www.ver007.com